Draft: CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates
requested to merge redhat/red-hat-ci-tools/kernel/bot-branches/centos-stream-9:backport-RHEL-35116-centos-stream-9-main into main
JIRA: https://issues.redhat.com/browse/RHEL-35116
CVE: CVE-2024-27065
netfilter: nf_tables: do not compare internal table flags on updates
Restore skipping transaction if table update does not modify flags.
Fixes: 179d9ba5559a ("netfilter: nf_tables: fix table flag updates")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit 4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139)
Signed-off-by: cki-backport-bot cki-ci-bot+cki-gitlab-backport-bot@redhat.com